Rapid7 Vulnerability & Exploit Database

Symantec Endpoint Protection: Local Client ADC Buffer Overflow (CVE-2014-3434)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Symantec Endpoint Protection: Local Client ADC Buffer Overflow (CVE-2014-3434)

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

08/06/2014

Created

07/25/2018

Added

08/08/2014

Modified

10/05/2021

Description

Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.

Solution(s)

symantec-endpoint-protection-upgrade-latest

References

https://attackerkb.com/topics/cve-2014-3434
68946
252068
CVE - 2014-3434

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Symantec Endpoint Protection: Local Client ADC Buffer Overflow (CVE-2014-3434)

Symantec Endpoint Protection: Local Client ADC Buffer Overflow (CVE-2014-3434)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.